As part of a "highly sophisticated espionage campaign" in mid-September 2025, Chinese state-sponsored threat actors employed artificial intelligence (AI) to plan automated cyberattacks. The GTG-1002 campaign is the first instance of a threat actor using AI to carry out a "large-scale cyber attack" without significant human involvement. According to the assessment, the activity manipulated Anthropic's AI coding tool, Claude Code, in an effort to gain access to roughly thirty global targets, including government agencies, financial institutions, big tech companies, and chemical manufacturing firms.

Since then, Anthropic has banned the pertinent accounts and implemented defensive measures to identify these attacks, which have been characterized as "well-resourced" and "properly coordinated". According to the company, its AI tool produced thorough attack documentation at every stage, enabling the threat actors to probably transfer persistent access to other teams for long-term operations following the initial wave. The revelation was made almost four months after Anthropic foiled another complex scheme in July 2025 that used Claude as a weapon to steal and extort a lot of personal information.

Google and OpenAI have also revealed attacks carried out by threat actors using ChatGPT and Gemini, respectively, during the last two months. The company stated, "This campaign demonstrates that the barriers to performing sophisticated cyberattacks have dropped substantially." Large-scale attacks of this kind may now be carried out by groups with less resources and experience, according to a blog post published by Anthropic on Monday. Although no arrests have been made as of yet, the company stated that it is looking into how the attacks were carried out and who was responsible.

Additionally, it is looking into how AI tools can create false credentials or present information that is readily available to the public as important discoveries during autonomous operations, creating significant obstacles to the overall efficacy.